Top News Stories

KeyStore Vulnerability Found in Android 4.3 Jelly Bean

Security researchers have discovered a vulnerability in recent builds of Android’s KeyStore, the central location where you smartphone or tablet stores and remembers passwords for you, IBM’s Security Intelligence blog is reporting.

According to the details, a hacker could use the security hole to unlock your phone, access a virtual private network (VPN) or use any app that saves your password to keep you from having to re-enter it. The vulnerability affects the 10% of Android phones worldwide running 4.3 Jelly Bean. (Earlier news reports that 86% of all Android devices were at risk were incorrect.)

Admittedly, will be difficult for hackers to actually exploit the vulnerability. The Android operating system contains a number of software protections designed to block malware and other threats by default. You're effectively protected from this threat so long as you only download apps from trusted sources, like Google Play and the Amazon App Store.

The vulnerability was also discovered on Android 4.4 KitKat, though the folks at Android have already issued a patch for it. Install any waiting updates to your device’s operating system to ensure it’s protected.

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.